Running random user programs as ROOT?!
Tomas Ruden
tomas at u30003.rsv.svskt.se
Fri Jun 28 21:17:31 AEST 1991
In article <867 at minya.UUCP> jc at minya.UUCP (John Chambers) writes:
>> I hope not. Su sets *real* and effective user ID. The
>> saved-set-user-ID should be wiped out by the su program when SUing
>> to the user's account. Otherwise SU is *horribly* broken.
>
>OK, so if I wanted to write a version of su that wasn't "horribly
>broken", how would I do it? I've dug around in TFM on several
>occasions, trying to make sense of the saved-set-user-ID concept, to
>little avail. They seem to think that they should keep it a secret
>from me, because if I'm interested, I am obviously an Evil Hacker who
>is trying to violate system security.
>
>So far, I haven't seen any documented system call to set this third
>uid that some Unix kernels keep. If there's no (documented) way to set
>it, how can you accuse a program of being "horribly broken" if it
>doesn't set it correctly?
Talking HP-UX, based on BSD Unix, the saved-user-ID is set to the
effective-user-ID when the process preformes an exec.
I think, but I'm not sure, that saved-user-ID isn't supported in AT&T V.3.
>--
>All opinions Copyright (c) 1991 by John Chambers. Inquire for licensing at:
>Home: 1-617-484-6393 ...!{bu.edu,harvard.edu,ima.com,eddie.mit.edu,ora.com}!minya!jc
>Work: 1-508-486-5475 {sppip7.lkg.dec.com!jc,ub40::jc}
--
Tomas Ruden, tomas at u30003.rsv.svskt.se
Don't blame the Swedish Tax ! I wish I had an English
Administration for my opinions ! spellingchecker
More information about the Comp.unix.admin
mailing list